2 Creating an Application By Using the Workday Connectors

Learn about onboarding applications using the connector and the prerequisites for doing so.

• Process Flow for Creating an Application By Using the Connector

• Prerequisites for Creating an Application By Using Connector

• Creating an Application By Using the Connector

2.1 Process Flow for Creating an Application By Using the Connector

From Oracle Identity Governance release 12.2.1.3.0 onward, connector deployment is handled using the application onboarding capability of Identity Self Service.

Figure 2-1 is a flowchart depicting high-level steps for creating an application in Oracle Identity Governance by using the connector installation package.

Figure 2-1 Overall Flow of the Process for Creating an Application By Using the Connector

2.2 Prerequisites for Creating an Application By Using Connector

Learn about the tasks that you must complete before you create the application.

• Downloading the Connector Installation Package

• Creating an Integrated System User in Workday to Perform Connector Operations

• Configuring Raas Reports on workday

2.2.1 Downloading the Connector Installation Package

You can obtain the installation package for your connector on the Oracle Technology Network (OTN) website.

To download the connector installation package:

1. Navigate to the OTN website at http://www.oracle.com/technetwork/middleware/id-mgmt/downloads/connectors-101674.html.
2. Click OTN License Agreement and read the license agreement.
3. Select the Accept License Agreement option.
   You must accept the license agreement before you can download the installation package.
4. Download and save the installation package to any directory on the computer hosting Oracle Identity Governance.
5. Extract the contents of the installation package to any directory on the computer hosting Oracle Identity Governance. This creates a directory named CONNECTOR_NAME-RELEASE_NUMBER.
6. Copy the CONNECTOR_NAME-RELEASE_NUMBER directory to the OIG_HOME/server/ConnectorDefaultDirectory directory.

2.2.2 Creating an Integrated System User in Workday to Perform Connector Operations

To perform connector operations, create an integrated system user in Workday.

To create an integrated system user:

1. Log in to Workday with an account that provides administrative privileges.
2. Create required users, and add them to a group as follows:
   1. Search for and open the Create Integration System User task.
   2. Configure and save the integration system user.
   3. Search for and open the Create Security Group task.
   4. In the Type of Tenanted Security Group field, choose Integration System Security Group (Unconstrained).
   5. Enter a group name and click OK.
   6. Select all users you created from the Integration System Users choice list, click OK, and then click Done.
3. Add the integration security group to domains as follows:
   1. Search for domain: manage org and open the Manage: Organization Integration domain.
   2. Click the ellipsis (...) next to Manage Organization Information.
   3. In the new window, point to Domain and select Edit Security Policy Permissions.
   4. Under Integration Permissions, add the security group that you created and click OK.
   5. Repeat previous steps to add the security group to the following domains:
      • domain: Worker Data: public worker reports
      • domain: Worker Data: Personal Data
      • domain: Worker Data: Current Staffing Information
      • domain: Worker Data: Contingent Worker Assignment Details
      • domain: Worker Data: Employment Data
      • domain: Worker Data: Worker ID
      • domain: Manage: Location
      • domain: Manage: Organization Integration
      • domain: Organization: Cost Center
      • domain: Job Information
      • domain: Personal Data: Personal Information
      • domain: External Account Provisioning
      • domain: User-Based Security Group Administration
      • domain: Workday Accounts
4. Activate Pending Security Policy Changes as follows:
   1. Search for activate.
   2. Click Activate Pending Security Policy Changes.
   3. Enter a comment and click OK.

2.2.3 Configuring Raas Reports on workday

• Search for Create Custom Report>>Provide Report name>>Report Type = Advanced>>
• DataSource=”SecurityGroups”/” Assignable Roles”(Depending upon the use case)>>Click Ok Add columns as shown in the below provide figure.

  Note:

  This is applicable from Workday 12.2.1.3.1C.

Figure 2-2 Security Groups Raas report columns

Figure 2-3 Organization Raas report columns

>>Click on Share>>Provide the privileged user who can have access to these reports.

2.3 Creating an Application By Using the Connector

You can onboard an application into Oracle Identity Governance from the connector package by creating a target application. To do so, you must log in to Identity Self Service and then choose the Applications box on the Manage tab.

The following is the high-level procedure to create an application by using the connector:

Note:

For detailed information on each of the steps in this procedure, see Creating Applications of Oracle Fusion Middleware Performing Self Service Tasks with Oracle Identity Governance.

1. Create an application in Identity Self Service. The high-level steps are as follows:
   1. Log in to Identity Self Service either by using the System Administration account or an account with the ApplicationInstanceAdministrator admin role.
   2. Ensure that the Connector Package option is selected when creating an application.
   3. Update the basic configuration parameters to include connectivity-related information.
   4. If required, update the advanced setting parameters to update configuration entries related to connector operations.
   5. Review the default user account attribute mappings. If required, add new attributes or you can edit or delete existing attributes.
   6. Review the provisioning, reconciliation, organization, and catalog settings for your application and customize them if required. For example, you can customize the default correlation rules for your application if required.
   7. Review the details of the application and click Finish to submit the application details.
   8. When you are prompted whether you want to create a default request form, click Yes or No.

      If you click Yes, then the default form is automatically created and is attached with the newly created application. The default form is created with the same name as the application. The default form cannot be modified later. Therefore, if you want to customize it, click No to manually create a new form and attach it with your application.

      Note:

      In the Authoritative (Trusted) application, the prompt window will not be displayed.
2. Verify reconciliation and provisioning operations on the newly created application.

See Also:

• Configuring the Workday Connector for a Target Application and Configuring the Workday Connector for an Authoritative Application for details on basic configuration and advanced settings parameters, default user account attribute mappings, default correlation rules, and reconciliation jobs that are predefined for this connector

• Configuring Oracle Identity Governance for details on creating a new form and associating it with your application, if you chose not to create the default form.